From 8d0876b8d7afc43ee9b1c920be34796ffc23c192 Mon Sep 17 00:00:00 2001
From: Julian Lam
Date: Thu, 11 Apr 2024 10:39:51 -0400
Subject: [PATCH] fix: send hs2019 as algo (to match cavage-12, handle incoming algorithm value

---
 src/activitypub/index.js | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/src/activitypub/index.js b/src/activitypub/index.js
index 24b3b22679..1445f92f39 100644
--- a/src/activitypub/index.js
+++ b/src/activitypub/index.js
@@ -2,7 +2,7 @@

 const nconf = require('nconf');
 const winston = require('winston');
-const { createHash, createSign, createVerify } = require('crypto');
+const { createHash, createSign, createVerify, getHashes } = require('crypto');
 const request = require('../request');
 const db = require('../database');

@@ -143,7 +143,7 @@ ActivityPub.sign = async ({ key, keyId }, url, payload) => {
 return {
 date,
 digest,
- signature: `keyId="${keyId}",headers="${headers}",signature="${signature}",algorithm="rsa-sha256"`,
+ signature: `keyId="${keyId}",headers="${headers}",signature="${signature}",algorithm="hs2019"`,
 };
 };

@@ -155,7 +155,7 @@ ActivityPub.verify = async (req) => {
 }

 // Break the signature apart
- const { keyId, headers, signature } = req.headers.signature.split(',').reduce((memo, cur) => {
+ let { keyId, headers, signature, algorithm } = req.headers.signature.split(',').reduce((memo, cur) => {
 const split = cur.split('="');
 const key = split.shift();
 const value = split.join('="');
@@ -163,6 +163,11 @@ ActivityPub.verify = async (req) => {
 return memo;
 }, {});

+ const acceptableHashes = getHashes();
+ if (algorithm === 'hs2019' || !acceptableHashes.includes(algorithm)) {
+ algorithm = 'sha256';
+ }
+
 // Re-construct signature string
 const signed_string = headers.split(' ').reduce((memo, cur) => {
 if (cur === '(request-target)') {
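Review bot: `keyId`, `headers` and `signature` are destructured from a header the remote server controls, and no visible check between this statement and `headers.split(' ')` in the following hunk confirms they are present. A Signature header that omits the `headers=` field leaves `headers` undefined, so `ActivityPub.verify` throws a TypeError instead of rejecting the request cleanly; how the caller handles that rejection is outside the diff. A guard right after the reduce, such as `if (!keyId || !headers || !signature) { return false; }`, would make the failure explicit. The return value is a guess, since the start and end of verify are outside the hunk; use whatever verify returns for a bad signature.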
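Review bot: The allow-list in the added `if` is `getHashes()`, so the sender of the request picks the digest: any name the local OpenSSL build knows passes through unchanged, and that list typically includes MD5 and SHA-1 entries. Where `algorithm` is consumed is outside the hunk, but if it reaches `createVerify(algorithm)`, a remote server can have its signature checked with a weaker hash than the SHA-256 this code otherwise falls back to. An explicit map of the HTTP-signature names the code is willing to accept would close that, for example `const digests = new Map([['hs2019', 'sha256'], ['rsa-sha256', 'sha256'], ['rsa-sha512', 'sha512']]);` followed by `algorithm = digests.get(algorithm) || 'sha256';`. A `Map` is preferable to a plain object here because the lookup key comes from the request and names such as `constructor` would otherwise resolve on the prototype.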